Description of the vulnerability

An attacker can trigger a Cross Site Scripting in Alphabetic Sitemap (alpha_sitemap), in order to execute JavaScript code in the context of the web site. [severity:2/4; CVE-2014-6291]

An attacker can use femanager (femanager), in order to escalate his privileges. [severity:2/4; BID-65570, CVE-2014-6292]

An attacker can use a SQL injection in Statistics (ke_stats), in order to read or alter data. [severity:2/4; BID-65566, CVE-2014-6293]

An attacker can trigger a Cross Site Scripting in External links click statistics (outstats), in order to execute JavaScript code in the context of the web site. [severity:2/4; CVE-2014-6294]

An attacker can use TYPO3 Security / Intrusion Detection System (px_phpids), in order to obtain sensitive information. [severity:2/4]

An attacker can use smarty (smarty), in order to obtain sensitive information. [severity:2/4]

An attacker can use a SQL injection in WEC Map (wec_map), in order to read or alter data. [severity:2/4; BID-65583, CVE-2014-6295]

An attacker can trigger a Cross Site Scripting in WEC Map (wec_map), in order to execute JavaScript code in the context of the web site. [severity:2/4; CVE-2014-6296]Complete Vigil@nce bulletin.... (Free trial)